Juniper BGP Convergence Time

• Previous message (by thread): Juniper BGP Convergence Time
• Next message (by thread): Juniper BGP Convergence Time
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu 2018-May-17 10:49:37 -0400, Adam Kajtar <akajtar at wadsworthcity.org> wrote:

>Thomas,
>
>Thanks for the info. This is probably why my multipath configuration wasn't
>working as I thought it would. I will give this a test run also.
>
>Mike,
>
>Interesting thought. This would mean rpf-check wouldn't work on my outside
>interfaces. Good to know.

Not necessarily that it doesn't work at all, but there are 
platform-specific differences in terms of loose vs. strict, whether the 
default route is considered in RPF evaluation, etc.  From 
https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/interfaces-configuring-unicast-rpf.html#jd0e50

> # Unicast RPF Behavior with a Default Route
> 
> On all routers except those with MPCs and the MX80 router, unicast RPF 
> behaves as follows if you configure a default route that uses an interface 
> configured with unicast RPF:
> 
> * Loose mode—All packets are automatically accepted. For this reason, we 
> recommend that you not configure unicast RPF loose mode on interfaces * 
> that the default route uses.
> * Strict mode—The packet is accepted when the source address of the 
> packet matches any of the routes (either default or learned) that can be 
> reachable through the interface. Note that routes can have multiple 
> destinations associated with them; therefore, if one of the destinations 
> atches the incoming interface of the packet, the packet is accepted.
> 
> On all routers with MPCs and the MX80 router, unicast RPF behaves as 
> follows if you configure a default route that uses an interface configured 
> with unicast RPF:
> 
> * Loose mode—All packets except the packets whose source is learned from 
> the default route are accepted. All packets whose source is learned from 
> the default route are dropped at the Packet Forwarding Engine. The 
> default route is treated as if the route does not exist.
> * Strict mode—The packet is accepted when the source address of the 
> packet matches any of the routes (either default or learned) that can be 
> reachable through the interface. Note that routes can have multiple 
> destinations associated with them; therefore, if one of the destinations 
> matches the incoming interface of the packet, the packet is accepted.
> 
> On all routers, the packet is not accepted when either of the following is 
> true:
> 
> * The source address of the packet does not match a prefix in the routing 
> table.
> * The interface does not expect to receive a packet with this source 
> address prefix.

-- 
Hugo Slabbert       | email, xmpp/jabber: hugo at slabnet.com
pgp key: B178313E   | also on Signal
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20180517/a34cd76e/attachment.sig>

• Previous message (by thread): Juniper BGP Convergence Time
• Next message (by thread): Juniper BGP Convergence Time
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]